b'              U.S. Department of Energy\n              Office of Inspector General\n              Office of Inspections and Special Inquiries\n\n\n\n\nInspection Report\n\nInternal Controls Over Classified Computers\nand Classified Removable Media at the\nLawrence Livermore National Laboratory\n\n\n\n\nDOE/IG-0628                                          December 2003\n\x0c\x0c\x0cINTERNAL CONTROLS OVER CLASSIFIED COMPUTERS AND\nCLASSIFIED REMOVABLE MEDIA AT THE LAWRENCE\nLIVERMORE NATIONAL LABORATORY\n\n\nTABLE OF\nCONTENTS\n\n\n              OVERVIEW\n\n              Introduction and Objective          1\n\n              Observations and Conclusions        2\n\n\n              DETAILS OF FINDINGS\n\n              NEST Equipment                      3\n\n              Transferred Classified Computers    3\n\n              Classified Removable Media          4\n\n\n              RECOMMENDATIONS                     5\n\n\n              MANAGEMENT COMMENTS                 5\n\n\n              INSPECTOR COMMENTS                  5\n\n\n              APPENDICES\n\n              A. Scope and Methodology            6\n\n              B. Management Comments              7\n\x0cOverview\n\nINTRODUCTION    Computers are used extensively in the full range of operations at\nAND OBJECTIVE   Lawrence Livermore National Laboratory (Livermore), including\n                processing classified national security information. Livermore\n                reported an inventory of 86 classified laptop computers and 1,141\n                classified desktop computers as of March 2003. In addition,\n                Livermore reported approximately 15,000 pieces of classified\n                removable media. Department of Energy (DOE) policy requires\n                strict inventory controls over classified computers and classified\n                removable media.\n\n                The objective of this inspection was to determine the adequacy of\n                internal controls over the accountability of classified computers\n                and classified computer removable media at Livermore. This\n                inspection complements similar work performed at Los Alamos\n                National Laboratory, \xe2\x80\x9cInterim Inspection Report on Inspection of\n                Internal Controls Over Personal Computers at Los Alamos\n                National Laboratory\xe2\x80\x9d (DOE/IG-0597, April 2003); the Savannah\n                River Site, \xe2\x80\x9cInspection of Internal Controls Over Laptop and\n                Desktop Computers at the Savannah River Site\xe2\x80\x9d (INS-L-03-09,\n                July 29, 2003); and other laboratories, \xe2\x80\x9cManagement of Sensitive\n                Equipment at Selected Locations\xe2\x80\x9d (DOE/IG-0606, June 2003). It\n                also complements our recent inspection of Livermore\xe2\x80\x99s internal\n                controls over firearms, \xe2\x80\x9cFirearms Internal Controls at the\n                Lawrence Livermore National Laboratory (DOE/IG-0621,\n                September 2003).\n\n\n\n\nPage 1                         Internal Controls Over Classified Computers\n                               and Classified Removable Media at the\n                               Lawrence Livermore National Laboratory\n\x0cOBSERVATIONS      We were able to account for each of the 86 classified laptop\nAND CONCLUSIONS   computers listed in Livermore\xe2\x80\x99s property inventory, as well as the\n                  272 classified desktop computers and 200 classified removable hard\n                  drives we selected for sampling. Despite this, we determined that\n                  there were significant inadequacies in the internal controls over\n                  classified computers and classified removable media at Livermore.\n\n                  Specifically, we found that:\n\n                  \xe2\x80\xa2 Classified National Nuclear Security Administration (NNSA)\n                    Nuclear Emergency Search Team (NEST) computer equipment\n                    and removable media were not subjected to required inventories;\n\n                  \xe2\x80\xa2 Six classified desktop computers that were shipped permanently\n                    to other DOE sites and organizations remained in Livermore\xe2\x80\x99s\n                    property inventory; and\n\n                  \xe2\x80\xa2 A classified removable hard drive was not entered into\n                    Livermore\xe2\x80\x99s tracking and accounting system for classified\n                    removable media, as required.\n\n                  Because of the security implications, during our inspection we\n                  alerted Livermore officials to our findings, so appropriate\n                  corrective actions could be initiated immediately.\n\n\n\n\nPage 2                                            Observations and Conclusions\n\x0cDetails of Findings\n\nNEST                               We found that classified NEST computer equipment and\nEQUIPMENT                          removable media were not subjected to required inventories. DOE\n                                   policy presented in the \xe2\x80\x9cClassified Matter Protection and Control\n                                   Manual\xe2\x80\x9d requires that NEST classified computer equipment and\n                                   related media undergo a complete inventory at least once a month by\n                                   two individuals. Based on historical events and the clear vulnerability\n                                   of classified computer equipment and media, such exceptional\n                                   inventory requirements are an essential component of the\n                                   Department\xe2\x80\x99s effort to ensure national security. However, we\n                                   identified three pieces of NEST classified computer equipment and\n                                   five classified removable media that were not being inventoried on a\n                                   monthly basis by two individuals; rather, inventories were conducted\n                                   intermittently at longer intervals by one person. Additionally, we\n                                   identified two NEST classified removable media that were being\n                                   inventoried on an annual basis, but not on a monthly basis as required.\n                                   Reportedly, these media did not contain sensitive information. A\n                                   Livermore official responsible for the NEST equipment advised that\n                                   he was unaware of the DOE inventory requirements.\n\nTRANSFERRED                        We found that six classified desktop computers that were shipped\nCLASSIFIED                         permanently to other DOE sites and organizations remained in\nCOMPUTERS                          Livermore\xe2\x80\x99s property inventory. The six classified desktop computers\n                                   were sent to other DOE sites and organizations one or more years ago\n                                   under the DOE Secure Communications and Teleconferencing1\n                                   (SCAT) project. Details on the computers\xe2\x80\x99 locations and dates of\n                                   shipment are as follows:\n\n                                            Type                   DOE Location              Date Shipped\n                                      Desktop Computer            Bechtel, Andrews             7/29/99\n                                                                       AFB, MD\n                                      Desktop Computer               Pantex Plant,               8/23/99\n                                                                    Amarillo, TX\n                                      Desktop Computer                  ORISE,                  10/25/00\n                                                                  Kirtland AFB, NM\n                                      Desktop Computer                   DOE,                   12/12/00\n                                                                      Wash., DC\n                                      Desktop Computer             Savannah River                1/24/01\n                                                                   Site Office, GA\n                                      Desktop Computer             Yarrow, Assoc.,              10/25/01\n                                                                     Fairfax, VA\n\n\n1\n  The SCAT system is used for crisis and routine communication by DOE, the Department of Homeland Security,\nand other emergency response organizations. Livermore is responsible for the acquisition and transfer of all SCAT\ncomputers to DOE sites and organizations in the SCAT program.\n\n\nPage 3                                                                                    Details of Findings\n\x0c             We were advised that the transfer of ownership for the six\n             computers was not completed in a timely manner because the\n             property representative responsible for the transfer had overlooked\n             the requirement. A Livermore official said that action was being\n             taken to transfer ownership of the six classified computers to the\n             appropriate DOE sites and organization.\n\nCLASSIFIED   We found that a classified removable hard drive was not entered\nREMOVABLE    into Livermore\xe2\x80\x99s tracking and accounting system for classified\nMEDIA        removable media. We accounted for each of the 200 classified\n             removable hard drives in our judgmental sample of the 2,309\n             classified removable hard drives listed in Livermore\xe2\x80\x99s tracking and\n             accounting system. However, during our sampling of the classified\n             removable hard drives, we identified a classified removable hard\n             drive that was not entered into Livermore\xe2\x80\x99s tracking and\n             accounting system. We were advised that the reason for this was\n             an oversight by a Livermore employee. The exclusion of any\n             classified media from the Laboratory\xe2\x80\x99s tracking system, regardless\n             of the underlying cause, has serious implications for the security\n             and accountability of highly sensitive materials.\n\n             Livermore officials informed us that they took immediate action to\n             correct this condition. Livermore officials advised that they\n             entered the classified hard drive into Livermore\xe2\x80\x99s tracking and\n             accounting system. Livermore officials also advised that they\n             conducted a physical inventory of all classified removable hard\n             drives and that all other media was being tracked and accounted\n             for. Further, Livermore officials advised that Livermore published\n             a \xe2\x80\x9cLessons Learned\xe2\x80\x9d bulletin reminding all employees that all\n             \xe2\x80\x9cclassified removable electronic media\xe2\x80\x9d are accountable and must\n             be tracked in Livermore\xe2\x80\x99s tracking and accounting system for\n             classified removable media.\n\n\n\n\nPage 4                                                         Details of Findings\n\x0cRECOMMENDATIONS   Livermore\xe2\x80\x99s failure to adequately enforce inventory and\n                  accountability requirements for classified items increases the\n                  vulnerability of classified computers and media, including critical\n                  NEST equipment, to loss, abuse, and theft. Therefore, we\n                  recommend that the Manager, Livermore Site Office, ensure that:\n\n                  1. All NEST classified computer equipment and removable media\n                     are subjected to inventory reviews in accordance with DOE\n                     policy;\n\n                  2. Livermore transfers the ownership of all SCAT classified\n                     desktop computers to the appropriate DOE sites and\n                     organizations; and\n\n                  3. Steps are taken to ensure that classified media is immediately\n                     controlled upon being designated as classified.\n\nMANAGEMENT        On November 18, 2003, the Associate Administrator for\nCOMMENTS          Management and Administration, National Nuclear Security\n                  Administration, provided written comments on our draft inspection\n                  report. The Associate Administrator\xe2\x80\x99s verbatim response is\n                  included as Appendix B to this report. Management agreed with\n                  the report findings and recommendations and identified corrective\n                  actions taken or planned relating to the recommendations.\n\nINSPECTOR         We consider management\xe2\x80\x99s comments and actions regarding\nCOMMENTS          the findings and recommendations contained in our report to be\n                  responsive.\n\n\n\n\nPage 5                                                     Recommendations\n                                          Management and Inspector Comments\n\x0cAppendix A\n\nSCOPE AND     We conducted the fieldwork portion of our review during\nMETHODOLOGY   January 2003 to June 2003. Our review included interviews with\n              officials from the Livermore Site Office and Lawrence Livermore\n              National Laboratory. In addition, we conducted inventory\n              verification of a judgmental sampling of classified desktop\n              computers. We also reviewed applicable policies and procedures\n              and other records regarding property management and computers,\n              including:\n\n              \xe2\x80\xa2   Livermore Management and Operating Contracts.\n\n              \xe2\x80\xa2   DOE Property Management Regulations, Title 41 Code of\n                  Federal Regulations, Chapter 109.\n\n              \xe2\x80\xa2   Livermore Property Management Policies and Procedures.\n\n              \xe2\x80\xa2   DOE M 471.2-1C, Classified Matter Protection and Control\n                  Manual, Approved 4-17-01.\n\n              \xe2\x80\xa2   DOE M 471.2-2, Classified Information Systems Security\n                  Manual, dated 8-3-99.\n\n              \xe2\x80\xa2   Livermore\xe2\x80\x99s Classified Document User\xe2\x80\x99s Manual, dated\n                  October 2002.\n\n              \xe2\x80\xa2   Livermore\xe2\x80\x99s Accountable Documents and Media Procedures,\n                  dated September 2000, Revised March 11, 2002.\n\n              \xe2\x80\xa2   Livermore\xe2\x80\x99s General Plan 4001 v1.3, General Computer\n                  Security Plan for PL-1 Multiple User Classified Systems, dated\n                  July 30, 2002.\n\n              \xe2\x80\xa2   Livermore\xe2\x80\x99s Policy 4303 v4.3, Classified \xe2\x80\x93 Single User Stand\n                  Alone (SUSA) Security Plan, dated July 24, 2002.\n\n              This inspection was conducted in accordance with the \xe2\x80\x9cQuality\n              Standards for Inspections\xe2\x80\x9d issued by the President\xe2\x80\x99s Council on\n              Integrity and Efficiency.\n\n\n\n\nPage 6                                                Scope and Methodology\n\x0cAppendix B\n\n\n\n\nPage 7       Management Comments\n\x0c                         National Nuclear Security Administration\n                                   Management Decision\n                          to the Inspector General\xe2\x80\x99s Draft Report\n                \xe2\x80\x9cInspection of Internal Controls Over Classified Computers\n                          and Classified Removable Media at the\n                        Lawrence Livermore National Laboratory\xe2\x80\x9d\n\n\nWe recommend that the Manager, Livermore Site office, ensure that:\n\nRecommendation 1\n\n      All NEST classified computer equipment and removable media are subjected to inventory\n      reviews in accordance with DOE policy\n\n      Management Decision\n\n      Concur\n\n      While the LLNL NEST Team has been very diligent in checking and inventorying their\n      equipment, the inventories have not been performed using the two-person rule as required\n      by DOE security policy. LLNL NEST personnel have been conducting weekly\n      inventories in conjunction with their requirement to test the computer equipment. There\n      are 177 inventory sheets covering the time period of January 2002 through October 2003.\n       However, the form of the inventories was not one that led to an easy inspection because\n      of changes in the format of the inventory checklist and multiple inventory locations.\n      Some of the items had also been deployed to Kirtland Air Force Base, but the\n      accompanying receipts were not stapled to the inventory sheet.\n\n      In addition, the draft report mentions that two NEST classified removable media were not\n      being inventoried at all. In fact, the media was being inventoried annually and did not\n      contain any sensitive data. This media will now be included in the future monthly\n      inventories.\n\n      Currently, LLNL is inventorying NEST computers and removable classified media using\n      the two person rule. After the OIG exit conference, the LLNL Classified Matter\n      Protection and Control Manager reviewed all of the inventory files and designed a new\n      checklist that enables someone to easily verify the items being inventoried. It will be\n      used for the next monthly inventory. LLNL NEST computer security will now validate\n      that monthly inventories have been completed. NNSA LSO will validate that these\n      corrective actions are in place by December 7, 2003.\n\n\nPage 8                                                                Management Comments\n\x0c__________________________________________________________________\n\n                                                                                  2\n\nRecommendation 2\n\n      Livermore transfers the ownership of all SCAT classified desktop\n      computers to the appropriate DOE sites and organizations.\n\n      Management Decision\n\n      Concur\n\n      This discrepancy was apparently due to an oversight on the part of the\n      LLNL property representative. LLNL has since transferred ownership of\n      these computers to the appropriate DOE sites and organizations. The\n      LLNL Property Manager met with the property representative involved in\n      the transfer to coach the employee on property transfer procedures. We\n      consider the actions taken responsive and complete.\n\nRecommendation 3\n\n      Steps are taken to ensure that classified media is immediately controlled\n      upon being designated as classified.\n\n      Management Decision\n\n      Concur\n\n      This issue led to NNSA LSO issuing the following finding to LLNL in\n      May 2003: LLNL Classified Matter Protection and Control practices do\n      not ensure that all classified removable media are subjected to\n      accountability controls as required. LLNL accountability processes do not\n      address all material that should be accounted for and inventoried (03-\n      LLNL-IS.2-001). Corrective Actions included:\n\n      \xe2\x80\xa2   A wall to wall assessment was completed on March 28, 2003 to\n          identify if additional items were not in accountability. LLNL will\n          conduct another wall to wall assessment in June 2004.\n\n      \xe2\x80\xa2   A working group was formed by the LLNL Director\xe2\x80\x99s Office to\n          identify and address root causes. A final report was delivered to LSO\n          on June 10, 2003.\n\n\n\n__________________________________________________________________\nPage 9                                      Management Comments\n\x0c                                                                                           3\n\n          \xe2\x80\xa2   Local operating plans were developed covering issues related to training\n              requirements and notification to employees of local processes developed to\n              ensure classified removable media were placed into accountability. Full\n              implementation of these plans is expected by November 21, 2003.\n\n\n\n\nPage 10                                                     Management Comments\n\x0c                                                                    IG Report No. DOE/IG-0628\n                             CUSTOMER RESPONSE FORM\n\nThe Office of Inspector General has a continuing interest in improving the usefulness of its\nproducts. We wish to make our reports as responsive as possible to our customers\xe2\x80\x99 requirements,\nand, therefore, ask that you consider sharing your thoughts with us. On the back of this form,\nyou may suggest improvements to enhance the effectiveness of future reports. Please include\nanswers to the following questions if they are applicable to you:\n\n\n1. What additional background information about the selection, scheduling, scope, or\n   procedures of the inspection would have been helpful to the reader in understanding this\n   report?\n\n2. What additional information related to findings and recommendations could have been\n   included in the report to assist management in implementing corrective actions?\n\n3. What format, stylistic, or organizational changes might have made this report\xe2\x80\x99s overall\n   message more clear to the reader?\n\n4. What additional actions could the Office of Inspector General have taken on the issues\n   discussed in this report which would have been helpful?\n\n5. Please include your name and telephone number so that we may contact you should we have\n   any questions about your comments.\n\nName                                          Date\nTelephone                                     Organization\n\n\nWhen you have completed this form, you may telefax it to the Office of Inspector General at\n(202) 586-0948, or you may mail it to:\n\n\n                               Office of Inspector General (IG-1)\n                                     Department of Energy\n                                    Washington, DC 20585\n\n\n                                  ATTN: Customer Relations\nIf you wish to discuss this report or your comments with a staff member of the Office of\nInspector General, please contact Wilma Slaughter at (202) 586-1924.\n\x0cThe Office of Inspector General wants to make the distribution of its reports as customer friendly and cost\n  effective as possible. Therefore, this report will be available electronically through the Internet at the\n                                             following address:\n\n\n                   U.S. Department of Energy Office of Inspector General Home Page\n                                           http://www.ig.doe.gov\n\n\n       Your comments would be appreciated and can be provided on the Customer Response Form\n\x0c'